NATO Hacked By Anonymous: Claims SQL Injection Attack Yielded 1GB of Restricted Data
Highly flying, and highly visible hacktivist group Anonymous, is claiming it has hacked into a NATO system, and is sitting on approximately a gigabyte of NATO restricted data. Interestingly, the group is saying they probably won’t publish the data, as it would be “irresponsible,” as the group described it.
The group did, however, post a PDF document dated August 27, 2007 and marked “NATO RESTRICTED.” The document released was addressed to the Management and Implementation Chief at NATO HQ, and outlines costs and provides details in the form of a proposal for a technology project titled, “CIS Support for ISAF,” a project that appears to be related to NATO/ISAF networks and systems within the Afghanistan JOA (Join Operations Area). The document details vendors and products that would be used in the project, along with costs associated.
“We are sitting on about one Gigabyte of data from NATO now, most of which we cannot publish as it would be irresponsible. But Oh NATO….,” the group posted to its Twitter feed this morning.
Anonymous said it used a simple SQL Injection attack to gain access. “Yes, #NATO was breached. And we have lots of restricted material. With some simple injection. In the next days, wait for interesting data :),” the group tweeted.
While the NATO document posted initially doesn’t appear to contain especially sensitive material, especially considering the date of the document, it will be interesting to see if the group releases additional documents.
On Tuesday, the FBI said agents executed more than 35 search warrants and arrested fourteen alleged members of the Anonymous hacking collective in a coordinated crackdown across the nation. The U.S. Department of Justice said in a statement that the individuals were arrested on charges related to their alleged involvement in Distributed Denial of Service (DDoS) attacks on PayPal’s website.